OTL Logfile: Code:
OTL logfile created on: 31.01.2013 20:08:18 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DBK23\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,42 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 73,52% Memory free
7,42 Gb Paging File | 6,47 Gb Available in Paging File | 87,20% Paging File free
Paging file location(s): c:\pagefile.sys 4095 4095 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,27 Gb Total Space | 380,40 Gb Free Space | 81,76% Space Free | Partition Type: NTFS
Computer Name: PRODBK23 | User Name: DBK23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\DBK23\Desktop\OTL.exe (OldTimer Tools)
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - (67cf29f3c2300003) -- C:\windows\System32\drivers\67cf29f3c2300003.sys ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Programme\StarMoney 8.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (WTGService) -- C:\Programme\XSManager\WTGService.exe ()
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (ncprwsnt) -- C:\Programme\NCP\SecureClient\ncprwsnt.exe (NCP Engineering GmbH)
SRV - (rwsrsu) -- C:\Programme\NCP\SecureClient\rwsrsu.exe (NCP engineering GmbH)
SRV - (ncpclcfg) -- C:\Programme\NCP\SecureClient\ncpclcfg.exe (NCP engineering GmbH)
SRV - (MatSvc) -- C:\Programme\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV - (NcpSec) -- C:\Programme\NCP\SecureClient\NCPSEC.EXE ()
SRV - (WDFME) -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
SRV - (WDSC) -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
SRV - (WDDMService) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (uvnc_service) -- C:\Programme\UltraVNC\winvnc.exe (UltraVNC)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (DB2JDS) -- C:\SQLLIB\bin\db2jds.exe ()
SRV - (DB2NTSECSERVER) -- C:\SQLLIB\bin\db2sec.exe ()
========== Driver Services (SafeList) ==========
DRV - (nmserial) -- C:\windows\system32\drivers\nmserial.sys File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (67cf29f3c2300003) -- C:\windows\System32\drivers\67cf29f3c2300003.sys ()
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (TCPIP6) -- C:\windows\System32\DRIVERS\tcpip.sys ()
DRV - (Tcpip) -- C:\windows\System32\drivers\tcpip.sys ()
DRV - (tcpipreg) -- C:\windows\System32\drivers\tcpipreg.sys ()
DRV - (Ntfs) -- C:\windows\System32\drivers\ntfs.sys ()
DRV - (KSecPkg) -- C:\windows\System32\Drivers\ksecpkg.sys ()
DRV - (CNG) -- C:\windows\System32\Drivers\cng.sys ()
DRV - (RdpVideoMiniport) -- C:\windows\System32\drivers\rdpvideominiport.sys ()
DRV - (TsUsbGD) -- C:\windows\System32\drivers\TsUsbGD.sys ()
DRV - (TsUsbFlt) -- C:\windows\System32\drivers\tsusbflt.sys ()
DRV - (NDIS) -- C:\windows\System32\drivers\ndis.sys ()
DRV - (Wdf01000) -- C:\windows\System32\drivers\Wdf01000.sys ()
DRV - (WudfPf) -- C:\windows\System32\drivers\WudfPf.sys ()
DRV - (WUDFRd) -- C:\windows\System32\DRIVERS\WUDFRd.sys ()
DRV - (cmnsusbser) -- C:\windows\System32\DRIVERS\cmnsusbser.sys ()
DRV - (KSecDD) -- C:\windows\System32\Drivers\ksecdd.sys ()
DRV - (RDPWD) -- C:\windows\System32\drivers\rdpwd.sys ()
DRV - (HipShieldK) -- C:\windows\System32\drivers\HipShieldK.sys ()
DRV - (ncplelhp) -- C:\windows\System32\DRIVERS\ncplelhp.sys ()
DRV - (ncpfilt) -- C:\windows\System32\DRIVERS\ncplelhp.sys ()
DRV - (partmgr) -- C:\windows\System32\drivers\partmgr.sys ()
DRV - (Fs_Rec) -- C:\windows\System32\drivers\fs_rec.sys ()
DRV - (TDTCP) -- C:\windows\System32\drivers\tdtcp.sys ()
DRV - (e1cexpress) -- C:\windows\System32\DRIVERS\e1c6232.sys ()
DRV - (IntcDAud) -- C:\windows\System32\DRIVERS\IntcDAud.sys ()
DRV - (Netaapl) -- C:\windows\System32\DRIVERS\netaapl.sys ()
DRV - (mrxsmb10) -- C:\windows\System32\DRIVERS\mrxsmb10.sys ()
DRV - (e1qexpress) -- C:\windows\System32\DRIVERS\e1q6232.sys ()
DRV - (JRAID) -- C:\windows\System32\drivers\jraid.sys ()
DRV - (srv) -- C:\windows\System32\DRIVERS\srv.sys ()
DRV - (srv2) -- C:\windows\System32\DRIVERS\srv2.sys ()
DRV - (srvnet) -- C:\windows\System32\DRIVERS\srvnet.sys ()
DRV - (mrxsmb20) -- C:\windows\System32\DRIVERS\mrxsmb20.sys ()
DRV - (mrxsmb) -- C:\windows\System32\DRIVERS\mrxsmb.sys ()
DRV - (asmtxhci) -- C:\windows\System32\drivers\asmtxhci.sys ()
DRV - (asmthub3) -- C:\windows\System32\drivers\asmthub3.sys ()
DRV - (usbhub) -- C:\windows\System32\DRIVERS\usbhub.sys ()
DRV - (usbccgp) -- C:\windows\System32\DRIVERS\usbccgp.sys ()
DRV - (usbehci) -- C:\windows\System32\DRIVERS\usbehci.sys ()
DRV - (usbohci) -- C:\windows\System32\drivers\usbohci.sys ()
DRV - (usbuhci) -- C:\windows\System32\drivers\usbuhci.sys ()
DRV - (USBSTOR) -- C:\windows\System32\DRIVERS\USBSTOR.SYS ()
DRV - (bowser) -- C:\windows\System32\DRIVERS\bowser.sys ()
DRV - (WDC_SAM) -- C:\windows\System32\DRIVERS\wdcsam.sys ()
DRV - (SNXPPALX) -- C:\windows\System32\drivers\snxppalx.sys ()
DRV - (SNXPSERX) -- C:\windows\System32\drivers\snxpserx.sys ()
DRV - (NETwNs32) -- C:\windows\System32\DRIVERS\NETwNs32.sys ()
DRV - (volsnap) -- C:\windows\System32\drivers\volsnap.sys ()
DRV - (volmgr) -- C:\windows\System32\drivers\volmgr.sys ()
DRV - (vmbus) -- C:\windows\System32\drivers\vmbus.sys ()
DRV - (vhdmp) -- C:\windows\System32\drivers\vhdmp.sys ()
DRV - (storflt) -- C:\windows\System32\drivers\vmstorfl.sys ()
DRV - (storvsc) -- C:\windows\System32\drivers\storvsc.sys ()
DRV - (TermDD) -- C:\windows\System32\DRIVERS\termdd.sys ()
DRV - (rdyboost) -- C:\windows\System32\drivers\rdyboost.sys ()
DRV - (sbp2port) -- C:\windows\System32\drivers\sbp2port.sys ()
DRV - (pci) -- C:\windows\System32\drivers\pci.sys ()
DRV - (iScsiPrt) -- C:\windows\System32\drivers\msiscsi.sys ()
DRV - (msdsm) -- C:\windows\System32\drivers\msdsm.sys ()
DRV - (mpio) -- C:\windows\System32\drivers\mpio.sys ()
DRV - (mountmgr) -- C:\windows\System32\drivers\mountmgr.sys ()
DRV - (msahci) -- C:\windows\System32\drivers\msahci.sys ()
DRV - (hwpolicy) -- C:\windows\System32\drivers\hwpolicy.sys ()
DRV - (DXGKrnl) -- C:\windows\System32\drivers\dxgkrnl.sys ()
DRV - (fvevol) -- C:\windows\System32\DRIVERS\fvevol.sys ()
DRV - (RDPDR) -- C:\windows\System32\drivers\rdpdr.sys ()
DRV - (tssecsrv) -- C:\windows\System32\DRIVERS\tssecsrv.sys ()
DRV - (RDPCDD) -- C:\windows\System32\DRIVERS\RDPCDD.sys ()
DRV - (TDPIPE) -- C:\windows\System32\drivers\tdpipe.sys ()
DRV - (NdisWan) -- C:\windows\System32\DRIVERS\ndiswan.sys ()
DRV - (Wanarpv6) -- C:\windows\System32\DRIVERS\wanarp.sys ()
DRV - (WANARP) -- C:\windows\System32\DRIVERS\wanarp.sys ()
DRV - (NDProxy) -- C:\windows\System32\drivers\ndproxy.sys ()
DRV - (tunnel) -- C:\windows\System32\DRIVERS\tunnel.sys ()
DRV - (Ndisuio) -- C:\windows\System32\DRIVERS\ndisuio.sys ()
DRV - (umbus) -- C:\windows\System32\DRIVERS\umbus.sys ()
DRV - (WinUsb) -- C:\windows\System32\DRIVERS\WinUsb.sys ()
DRV - (HidUsb) -- C:\windows\System32\DRIVERS\hidusb.sys ()
DRV - (sffp_sd) -- C:\windows\System32\drivers\sffp_sd.sys ()
DRV - (CompositeBus) -- C:\windows\System32\DRIVERS\CompositeBus.sys ()
DRV - (kbdhid) -- C:\windows\System32\DRIVERS\kbdhid.sys ()
DRV - (scfilter) -- C:\windows\System32\DRIVERS\scfilter.sys ()
DRV - (IPMIDRV) -- C:\windows\System32\drivers\IPMIDrv.sys ()
DRV - (dmvsc) -- C:\windows\System32\drivers\dmvsc.sys ()
DRV - (VMBusHID) -- C:\windows\System32\drivers\VMBusHID.sys ()
DRV - (s3cap) -- C:\windows\System32\drivers\vms3cap.sys ()
DRV - (CSC) -- C:\windows\System32\drivers\csc.sys ()
DRV - (rdbss) -- C:\windows\System32\DRIVERS\rdbss.sys ()
DRV - (MRxDAV) -- C:\windows\System32\drivers\mrxdav.sys ()
DRV - (DfsC) -- C:\windows\System32\Drivers\dfsc.sys ()
DRV - (udfs) -- C:\windows\System32\DRIVERS\udfs.sys ()
DRV - (HTTP) -- C:\windows\System32\drivers\HTTP.sys ()
DRV - (NetBT) -- C:\windows\System32\DRIVERS\netbt.sys ()
DRV - (tdx) -- C:\windows\System32\DRIVERS\tdx.sys ()
DRV - (cdrom) -- C:\windows\System32\DRIVERS\cdrom.sys ()
DRV - (FTDIBUS) -- C:\windows\System32\drivers\ftdibus.sys ()
DRV - (FTSER2K) -- C:\windows\System32\drivers\ftser2k.sys ()
DRV - (StnPport) -- C:\windows\System32\drivers\StnPport.sys ()
DRV - (StnSport) -- C:\windows\System32\drivers\StnSport.sys ()
DRV - (nvlddmkm) -- C:\windows\System32\DRIVERS\nvlddmkm.sys ()
DRV - (rtl8192se) -- C:\windows\System32\DRIVERS\rtl8192se.sys ()
DRV - (athr) -- C:\windows\System32\DRIVERS\athr.sys ()
DRV - (MEI) -- C:\windows\System32\drivers\HECI.sys ()
DRV - (HECI) -- C:\windows\System32\drivers\HECI.sys ()
DRV - (SPorts) -- C:\windows\System32\drivers\SPorts.sys ()
DRV - (FSCSLII) -- C:\windows\System32\drivers\FSCSLII.sys ()
DRV - (nvstor32) -- C:\windows\System32\drivers\nvstor32.sys ()
DRV - (nvrd32) -- C:\windows\System32\drivers\nvrd32.sys ()
DRV - (PPorts) -- C:\windows\System32\drivers\PPorts.sys ()
DRV - (PciPPorts) -- C:\windows\System32\drivers\PciPPorts.sys ()
DRV - (TPM) -- C:\windows\System32\drivers\tpm.sys ()
DRV - (Ser2pl) -- C:\windows\System32\drivers\ser2pl.sys ()
DRV - (nvamacpi) -- C:\windows\System32\drivers\NVAMACPI.sys ()
DRV - (CLFS) -- C:\windows\System32\CLFS.sys ()
DRV - (Compbatt) -- C:\windows\System32\drivers\compbatt.sys ()
DRV - (atapi) -- C:\windows\System32\drivers\atapi.sys ()
DRV - (pciide) -- C:\windows\System32\drivers\pciide.sys ()
DRV - (MsRPC) -- C:\windows\System32\drivers\msrpc.sys ()
DRV - (nv_agp) -- C:\windows\System32\drivers\nv_agp.sys ()
DRV - (Mup) -- C:\windows\System32\Drivers\mup.sys ()
DRV - (mouclass) -- C:\windows\System32\DRIVERS\mouclass.sys ()
DRV - (mssmbios) -- C:\windows\System32\DRIVERS\mssmbios.sys ()
DRV - (msisadrv) -- C:\windows\System32\drivers\msisadrv.sys ()
DRV - (isapnp) -- C:\windows\System32\drivers\isapnp.sys ()
DRV - (kbdclass) -- C:\windows\System32\DRIVERS\kbdclass.sys ()
DRV - (intelide) -- C:\windows\System32\drivers\intelide.sys ()
DRV - (FltMgr) -- C:\windows\System32\drivers\fltmgr.sys ()
DRV - (FileInfo) -- C:\windows\System32\drivers\fileinfo.sys ()
DRV - (gagp30kx) -- C:\windows\System32\drivers\gagp30kx.sys ()
DRV - (FsDepends) -- C:\windows\System32\drivers\FsDepends.sys ()
DRV - (crcdisk) -- C:\windows\System32\drivers\crcdisk.sys ()
DRV - (Disk) -- C:\windows\System32\drivers\disk.sys ()
DRV - (volmgrx) -- C:\windows\System32\drivers\volmgrx.sys ()
DRV - (uliagpkx) -- C:\windows\System32\drivers\uliagpkx.sys ()
DRV - (Wd) -- C:\windows\System32\drivers\wd.sys ()
DRV - (uagp35) -- C:\windows\System32\drivers\uagp35.sys ()
DRV - (viaagp) -- C:\windows\System32\drivers\viaagp.sys ()
DRV - (vdrvroot) -- C:\windows\System32\drivers\vdrvroot.sys ()
DRV - (WIMMount) -- C:\windows\System32\drivers\wimmount.sys ()
DRV - (swenum) -- C:\windows\System32\DRIVERS\swenum.sys ()
DRV - (pcw) -- C:\windows\System32\drivers\pcw.sys ()
DRV - (pcmcia) -- C:\windows\System32\drivers\pcmcia.sys ()
DRV - (spldr) -- C:\windows\System32\drivers\spldr.sys ()
DRV - (PEAUTH) -- C:\windows\System32\drivers\peauth.sys ()
DRV - (usbprint) -- C:\windows\System32\drivers\usbprint.sys ()
DRV - (rdpbus) -- C:\windows\System32\DRIVERS\rdpbus.sys ()
DRV - (RDPREFMP) -- C:\windows\System32\drivers\rdprefmp.sys ()
DRV - (RDPENCDD) -- C:\windows\System32\drivers\rdpencdd.sys ()
DRV - (Modem) -- C:\windows\System32\drivers\modem.sys ()
DRV - (ROOTMODEM) -- C:\windows\System32\Drivers\RootMdm.sys ()
DRV - (ws2ifsl) -- C:\windows\System32\drivers\ws2ifsl.sys ()
DRV - (RasAgileVpn) -- C:\windows\System32\DRIVERS\AgileVpn.sys ()
DRV - (RasSstp) -- C:\windows\System32\DRIVERS\rassstp.sys ()
DRV - (RasPppoe) -- C:\windows\System32\DRIVERS\raspppoe.sys ()
DRV - (PptpMiniport) -- C:\windows\System32\DRIVERS\raspptp.sys ()
DRV - (AsyncMac) -- C:\windows\System32\DRIVERS\asyncmac.sys ()
DRV - (RasAcd) -- C:\windows\System32\DRIVERS\rasacd.sys ()
DRV - (Rasl2tp) -- C:\windows\System32\DRIVERS\rasl2tp.sys ()
DRV - (IPNAT) -- C:\windows\System32\drivers\ipnat.sys ()
DRV - (IpFilterDriver) -- C:\windows\System32\DRIVERS\ipfltdrv.sys ()
DRV - (NdisTapi) -- C:\windows\System32\DRIVERS\ndistapi.sys ()
DRV - (QWAVEdrv) -- C:\windows\System32\drivers\qwavedrv.sys ()
DRV - (Psched) -- C:\windows\System32\DRIVERS\pacer.sys ()
DRV - (NetBIOS) -- C:\windows\System32\DRIVERS\netbios.sys ()
DRV - (WfpLwf) -- C:\windows\System32\DRIVERS\wfplwf.sys ()
DRV - (Smb) -- C:\windows\System32\DRIVERS\smb.sys ()
DRV - (IRENUM) -- C:\windows\System32\drivers\irenum.sys ()
DRV - (rspndr) -- C:\windows\System32\DRIVERS\rspndr.sys ()
DRV - (lltdio) -- C:\windows\System32\DRIVERS\lltdio.sys ()
DRV - (mpsdrv) -- C:\windows\System32\drivers\mpsdrv.sys ()
DRV - (NdisCap) -- C:\windows\System32\DRIVERS\ndiscap.sys ()
DRV - (vwifimp) -- C:\windows\System32\DRIVERS\vwifimp.sys ()
DRV - (vwififlt) -- C:\windows\System32\DRIVERS\vwififlt.sys ()
DRV - (NativeWifiP) -- C:\windows\System32\DRIVERS\nwifi.sys ()
DRV - (vwifibus) -- C:\windows\System32\DRIVERS\vwifibus.sys ()
DRV - (usbvideo) -- C:\windows\System32\Drivers\usbvideo.sys ()
DRV - (HdAudAddService) -- C:\windows\System32\drivers\HdAudio.sys ()
DRV - (BthPan) -- C:\windows\System32\DRIVERS\bthpan.sys ()
DRV - (RFCOMM) -- C:\windows\System32\DRIVERS\rfcomm.sys ()
DRV - (BTHUSB) -- C:\windows\System32\Drivers\BTHUSB.sys ()
DRV - (BthEnum) -- C:\windows\System32\drivers\BthEnum.sys ()
DRV - (UmPass) -- C:\windows\System32\drivers\umpass.sys ()
DRV - (BTHMODEM) -- C:\windows\System32\drivers\bthmodem.sys ()
DRV - (HidBth) -- C:\windows\System32\drivers\hidbth.sys ()
DRV - (BTHPORT) -- C:\windows\System32\Drivers\BTHport.sys ()
DRV - (ohci1394) -- C:\windows\System32\drivers\ohci1394.sys ()
DRV - (usbcir) -- C:\windows\System32\drivers\usbcir.sys ()
DRV - (circlass) -- C:\windows\System32\DRIVERS\circlass.sys ()
DRV - (mshidkmdf) -- C:\windows\System32\drivers\mshidkmdf.sys ()
DRV - (HidIr) -- C:\windows\System32\drivers\hidir.sys ()
DRV - (drmkaud) -- C:\windows\System32\drivers\drmkaud.sys ()
DRV - (MTConfig) -- C:\windows\System32\drivers\MTConfig.sys ()
DRV - (WacomPen) -- C:\windows\System32\drivers\wacompen.sys ()
DRV - (sfloppy) -- C:\windows\System32\drivers\sfloppy.sys ()
DRV - (sffp_mmc) -- C:\windows\System32\drivers\sffp_mmc.sys ()
DRV - (sffdisk) -- C:\windows\System32\drivers\sffdisk.sys ()
DRV - (fdc) -- C:\windows\System32\drivers\fdc.sys ()
DRV - (flpydisk) -- C:\windows\System32\drivers\flpydisk.sys ()
DRV - (Parport) -- C:\windows\System32\drivers\parport.sys ()
DRV - (Serial) -- C:\windows\System32\drivers\serial.sys ()
DRV - (Parvdm) -- C:\windows\System32\drivers\parvdm.sys ()
DRV - (Serenum) -- C:\windows\System32\drivers\serenum.sys ()
DRV - (mouhid) -- C:\windows\System32\DRIVERS\mouhid.sys ()
DRV - (sermouse) -- C:\windows\System32\drivers\sermouse.sys ()
DRV - (MSKSSRV) -- C:\windows\System32\drivers\MSKSSRV.sys ()
DRV - (MSTEE) -- C:\windows\System32\drivers\MSTEE.sys ()
DRV - (MSPCLOCK) -- C:\windows\System32\drivers\MSPCLOCK.sys ()
DRV - (MSPQM) -- C:\windows\System32\drivers\MSPQM.sys ()
DRV - (Beep) -- C:\windows\System32\drivers\beep.sys ()
DRV - (monitor) -- C:\windows\System32\DRIVERS\monitor.sys ()
DRV - (VgaSave) -- C:\windows\System32\drivers\vga.sys ()
DRV - (vga) -- C:\windows\System32\DRIVERS\vgapnp.sys ()
DRV - (discache) -- C:\windows\System32\drivers\discache.sys ()
DRV - (blbdrive) -- C:\windows\System32\DRIVERS\blbdrive.sys ()
DRV - (HidBatt) -- C:\windows\System32\drivers\HidBatt.sys ()
DRV - (ErrDev) -- C:\windows\System32\drivers\errdev.sys ()
DRV - (CmBatt) -- C:\windows\System32\DRIVERS\CmBatt.sys ()
DRV - (WmiAcpi) -- C:\windows\System32\drivers\wmiacpi.sys ()
DRV - (luafv) -- C:\windows\System32\drivers\luafv.sys ()
DRV - (Filetrace) -- C:\windows\System32\drivers\filetrace.sys ()
DRV - (exfat) -- C:\windows\System32\drivers\exfat.sys ()
DRV - (fastfat) -- C:\windows\System32\drivers\fastfat.sys ()
DRV - (nsiproxy) -- C:\windows\System32\drivers\nsiproxy.sys ()
DRV - (Npfs) -- C:\windows\System32\drivers\npfs.sys ()
DRV - (Msfs) -- C:\windows\System32\drivers\msfs.sys ()
DRV - (i8042prt) -- C:\windows\System32\DRIVERS\i8042prt.sys ()
DRV - (cdfs) -- C:\windows\System32\DRIVERS\cdfs.sys ()
DRV - (Null) -- C:\windows\System32\drivers\null.sys ()
DRV - (intelppm) -- C:\windows\System32\DRIVERS\intelppm.sys ()
DRV - (ViaC7) -- C:\windows\System32\drivers\viac7.sys ()
DRV - (Processor) -- C:\windows\System32\drivers\processr.sys ()
DRV - (FPCIBASE) -- C:\windows\System32\DRIVERS\fpcibase.sys ()
DRV - (AVMCOWAN) -- C:\windows\System32\DRIVERS\AVMCOWAN.sys ()
DRV - (IntcHdmiAddService) -- C:\windows\System32\drivers\IntcHdmi.sys ()
DRV - (enecir) -- C:\windows\System32\drivers\enecir.sys ()
DRV - (nvsmu) -- C:\windows\System32\drivers\nvsmu.sys ()
DRV - (e1express) -- C:\windows\System32\DRIVERS\e1e6232.sys ()
DRV - (e1kexpress) -- C:\windows\System32\DRIVERS\e1k6232.sys ()
DRV - (enecirhid) -- C:\windows\System32\drivers\enecirhid.sys ()
DRV - (OxSer) -- C:\windows\System32\drivers\OxSer.sys ()
DRV - (FscGabi) -- C:\windows\System32\drivers\FscGabi.sys ()
DRV - (PciSPorts) -- C:\windows\System32\drivers\PciSPorts.sys ()
DRV - (PciIsaSerial) -- C:\windows\System32\drivers\PciIsaSerial.sys ()
DRV - (OxPPort) -- C:\Windows\System32\drivers\OxPPort.sys (OEM)
DRV - (ITESerial) -- C:\windows\System32\drivers\ITEserial.sys ()
DRV - (ISASerial) -- C:\windows\System32\drivers\ISASerial.sys ()
DRV - (enecirhidma) -- C:\windows\System32\drivers\enecirhidma.sys ()
DRV - (OxPCIeSer) -- C:\windows\System32\drivers\OxPCIeSer.sys ()
DRV - (oxpar) -- C:\windows\System32\drivers\oxpar.sys ()
DRV - (FUJ02E3) -- C:\windows\System32\DRIVERS\FUJ02E3.sys ()
DRV - (FUJ02B1) -- C:\windows\System32\DRIVERS\FUJ02B1.sys ()
DRV - (PosDrv2K) -- C:\windows\System32\Drivers\PosDrv2K.sys ()
DRV - (DWCOM) -- C:\windows\System32\drivers\dwcom.sys ()
DRV - (NmPar) -- C:\windows\System32\drivers\NmPar.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.Awinta.de
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.Awinta.de
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\..\SearchScopes\{E9B86382-528A-4111-9381-D66EBD0E7833}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2013.01.15 09:47:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.12.14 08:47:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.01.22 11:07:28 | 000,000,000 | ---D | M]
[2012.06.25 20:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DBK23\AppData\Roaming\mozilla\Extensions
[2012.06.25 20:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DBK23\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\Mcafee\SystemCore\ScriptSn.20120810161336.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NcpBudgetGui] C:\Program Files\NCP\SecureClient\NcpBudgetGui.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpMonitor] C:\Program Files\NCP\SecureClient\ncpmon.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpPopup] C:\Program Files\NCP\SecureClient\ncppopup.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpRsuGui] C:\Program Files\NCP\SecureClient\rwsrsu.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
O4 - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059..\Run: [ApplePhotoStreams] C:\Programme\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059..\Run: [iCloudServices] C:\Programme\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059..\Run: [PicPick Start] C:\Programme\PicPick\picpick.exe ()
O4 - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Apothekenadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBK13\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBK23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBR11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBR5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O4 - Startup: C:\Users\DBR6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBR7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBR8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBR9\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\DBRX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab (iCloud Web App Plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0EBC4DCF-4FAF-433F-9A5E-E7B168D875A7}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DB67676-4E0B-4250-AA26-2A83136FCC82}: DhcpNameServer = 10.44.212.2 10.44.212.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8115A055-32A8-4D6B-ACF8-14C902308A9B}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{778493c1-3f30-11e0-9873-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{778493c1-3f30-11e0-9873-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\assetup.exe
O33 - MountPoints2\{cd80cbe0-c181-11df-a737-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cd80cbe0-c181-11df-a737-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{da91cc4f-ca61-11e1-b8ec-4c8093563d98}\Shell - "" = AutoRun
O33 - MountPoints2\{da91cc4f-ca61-11e1-b8ec-4c8093563d98}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-1119278486-3806077164-1662528105-1059..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.31 18:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.01.31 15:54:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DBK23\Desktop\OTL.exe
[2013.01.28 19:51:00 | 000,000,000 | ---D | C] -- C:\Users\DBK23\AppData\Roaming\Malwarebytes
[2013.01.28 19:50:53 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013.01.28 19:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.28 19:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.28 19:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.28 19:50:44 | 000,000,000 | ---D | C] -- C:\Users\DBK23\AppData\Local\Programs
[2013.01.28 19:20:28 | 000,000,000 | ---D | C] -- C:\Users\DBK23\AppData\Local\FixItCenter
[2013.01.28 19:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center
[2013.01.28 19:17:33 | 000,000,000 | ---D | C] -- C:\windows\MATS
[2013.01.24 09:36:49 | 000,000,000 | ---D | C] -- C:\Users\DBK23\Documents\Oktober 2012
[2013.01.24 09:36:48 | 000,000,000 | ---D | C] -- C:\Users\DBK23\Documents\November 2012
[2013.01.15 11:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojancheck 6
[2013.01.15 11:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\Trojancheck 6
[2013.01.11 08:32:42 | 000,000,000 | ---D | C] -- C:\Users\DBK23\Documents\Buchhaltung
[2013.01.09 09:04:52 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2013.01.09 09:04:52 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2013.01.09 09:04:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 09:04:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 09:04:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 09:04:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 09:04:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 09:04:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 09:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 09:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 09:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 09:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 09:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 09:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 09:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 09:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 09:04:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 09:04:50 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 09:04:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 09:04:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 09:04:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 09:04:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 09:04:12 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs
[2013.01.09 09:04:12 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs
[2013.01.09 09:04:12 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs
[2013.01.09 09:04:12 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs
[2013.01.09 09:04:11 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll
[2013.01.09 09:04:11 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll
[2013.01.09 09:04:11 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs
[2013.01.09 09:04:11 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs
[2013.01.09 09:04:11 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs
[2013.01.09 09:04:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs
[2013.01.09 09:04:11 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs
[2013.01.09 09:04:11 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs
[2013.01.09 09:04:08 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs
[2013.01.09 09:04:07 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs
[2013.01.09 09:04:07 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs
[2013.01.09 09:04:07 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs
[2013.01.09 09:03:54 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2013.01.09 09:03:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2013.01.07 08:11:10 | 000,000,000 | ---D | C] -- C:\Users\DBK23\Documents\PHARMA TEAM
[1 C:\Users\DBK23\Documents\*.tmp files -> C:\Users\DBK23\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.31 20:06:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.31 20:06:49 | 2751,426,560 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.31 18:15:35 | 000,019,616 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 18:15:35 | 000,019,616 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 18:12:52 | 000,657,676 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013.01.31 18:12:52 | 000,618,912 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.01.31 18:12:52 | 000,131,016 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013.01.31 18:12:52 | 000,107,232 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013.01.31 17:47:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 17:28:17 | 000,000,000 | ---- | M] () -- C:\Users\DBK23\defogger_reenable
[2013.01.31 15:54:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DBK23\Desktop\OTL.exe
[2013.01.31 08:38:17 | 005,152,319 | ---- | M] () -- C:\Users\DBK23\Documents\1112.zip
[2013.01.31 08:37:06 | 000,248,417 | ---- | M] () -- C:\Users\DBK23\Documents\13_01_31_Apotheke_am_Brudertor_59494_Soest.pdf
[2013.01.29 11:06:53 | 000,016,176 | ---- | M] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_2012_Sued.pdf
[2013.01.29 11:06:53 | 000,015,473 | ---- | M] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_1212_sued.pdf
[2013.01.29 11:01:14 | 000,015,851 | ---- | M] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_2012_HANSA.pdf
[2013.01.29 11:01:14 | 000,015,486 | ---- | M] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_1212_HANSA.pdf
[2013.01.29 10:57:44 | 000,006,422 | ---- | M] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_2012_Hellweg.pdf
[2013.01.29 10:57:44 | 000,006,062 | ---- | M] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_DEZ12_Hellweg.pdf
[2013.01.29 10:28:00 | 000,013,570 | ---- | M] () -- C:\Users\DBK23\Documents\TAGESABSCHLUSS_2012_BRUEDERTOR.pdf
[2013.01.29 10:25:42 | 000,012,753 | ---- | M] () -- C:\Users\DBK23\Documents\TAGESABSCHLUSS_DEZ_BRUEDERTOR.pdf
[2013.01.28 19:50:54 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.28 19:17:33 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
[2013.01.23 21:33:10 | 000,072,165 | ---- | M] () -- C:\Users\DBK23\Desktop\Protokoll Meeting Filialleiter Apotheken Herrn Hufnagels 10.1.2013.pdf
[2013.01.22 20:47:07 | 000,779,365 | ---- | M] () -- C:\Users\DBK23\Desktop\BTM-im-Altersheim.pdf.xunvixk.partial
[2013.01.21 12:19:50 | 000,216,701 | ---- | M] () -- C:\DEVK.pdf
[2013.01.17 13:53:41 | 000,000,031 | ---- | M] () -- C:\DLGGLOB.DAT
[2013.01.15 07:58:30 | 000,060,288 | ---- | M] () -- C:\windows\System32\drivers\67cf29f3c2300003.sys
[2013.01.14 11:32:47 | 000,027,988 | -HS- | M] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013.01.14 11:32:46 | 000,027,988 | -HS- | M] () -- C:\Users\DBK23\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013.01.14 09:41:57 | 000,527,752 | ---- | M] () -- C:\dru.dat
[2013.01.10 14:42:54 | 000,001,842 | ---- | M] () -- C:\Users\DBK23\Desktop\packshot-internet-calcium-d3-stada-1000-mg880-i-e-brausetabletten - Verknüpfung.lnk
[2013.01.10 14:40:08 | 000,085,813 | ---- | M] () -- C:\Users\DBK23\Documents\calciumd3stada.jpg
[2013.01.10 14:39:40 | 000,115,369 | ---- | M] () -- C:\Users\DBK23\Documents\packshot-internet-ginkgo-stada-tropfen.jpg
[2013.01.10 14:39:14 | 000,059,290 | ---- | M] () -- C:\Users\DBK23\Documents\packshot-internet-amorolfin-stada-5%-wirkstoffhaltiger-nagellack.jpg
[2013.01.10 14:38:56 | 000,032,968 | ---- | M] () -- C:\Users\DBK23\Documents\packshot-internet-silymarin-stada-167-mg-hartkapseln.jpg
[2013.01.10 14:02:20 | 000,005,691 | ---- | M] () -- C:\result.xml
[2013.01.09 15:49:05 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013.01.09 15:49:05 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013.01.09 11:08:23 | 000,392,200 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013.01.08 10:04:29 | 001,754,323 | ---- | M] () -- C:\Users\DBK23\Documents\2012_07_Ueberweiser_ElacElysee_Selbstausdruck.pdf
[1 C:\Users\DBK23\Documents\*.tmp files -> C:\Users\DBK23\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.31 17:28:17 | 000,000,000 | ---- | C] () -- C:\Users\DBK23\defogger_reenable
[2013.01.31 08:38:16 | 005,152,319 | ---- | C] () -- C:\Users\DBK23\Documents\1112.zip
[2013.01.31 08:37:06 | 000,248,417 | ---- | C] () -- C:\Users\DBK23\Documents\13_01_31_Apotheke_am_Brudertor_59494_Soest.pdf
[2013.01.29 11:06:53 | 000,016,176 | ---- | C] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_2012_Sued.pdf
[2013.01.29 11:06:53 | 000,015,473 | ---- | C] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_1212_sued.pdf
[2013.01.29 11:01:14 | 000,015,851 | ---- | C] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_2012_HANSA.pdf
[2013.01.29 11:01:14 | 000,015,486 | ---- | C] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_1212_HANSA.pdf
[2013.01.29 10:57:44 | 000,006,422 | ---- | C] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_2012_Hellweg.pdf
[2013.01.29 10:57:44 | 000,006,062 | ---- | C] () -- C:\Users\DBK23\Documents\Druck Tagesabschluss_DEZ12_Hellweg.pdf
[2013.01.29 10:28:00 | 000,013,570 | ---- | C] () -- C:\Users\DBK23\Documents\TAGESABSCHLUSS_2012_BRUEDERTOR.pdf
[2013.01.29 10:25:40 | 000,012,753 | ---- | C] () -- C:\Users\DBK23\Documents\TAGESABSCHLUSS_DEZ_BRUEDERTOR.pdf
[2013.01.28 19:50:54 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.28 19:17:33 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
[2013.01.28 19:17:33 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
[2013.01.23 21:33:10 | 000,072,165 | ---- | C] () -- C:\Users\DBK23\Desktop\Protokoll Meeting Filialleiter Apotheken Herrn Hufnagels 10.1.2013.pdf
[2013.01.22 20:47:07 | 000,779,365 | ---- | C] () -- C:\Users\DBK23\Desktop\BTM-im-Altersheim.pdf.xunvixk.partial
[2013.01.21 12:19:50 | 000,216,701 | ---- | C] () -- C:\DEVK.pdf
[2013.01.15 07:58:30 | 000,060,288 | ---- | C] () -- C:\windows\System32\drivers\67cf29f3c2300003.sys
[2013.01.14 11:30:20 | 000,027,988 | -HS- | C] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013.01.14 11:30:19 | 000,027,988 | -HS- | C] () -- C:\Users\DBK23\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2013.01.10 14:42:54 | 000,001,842 | ---- | C] () -- C:\Users\DBK23\Desktop\packshot-internet-calcium-d3-stada-1000-mg880-i-e-brausetabletten - Verknüpfung.lnk
[2013.01.10 14:40:08 | 000,085,813 | ---- | C] () -- C:\Users\DBK23\Documents\calciumd3stada.jpg
[2013.01.10 14:39:40 | 000,115,369 | ---- | C] () -- C:\Users\DBK23\Documents\packshot-internet-ginkgo-stada-tropfen.jpg
[2013.01.10 14:39:14 | 000,059,290 | ---- | C] () -- C:\Users\DBK23\Documents\packshot-internet-amorolfin-stada-5%-wirkstoffhaltiger-nagellack.jpg
[2013.01.10 14:38:55 | 000,032,968 | ---- | C] () -- C:\Users\DBK23\Documents\packshot-internet-silymarin-stada-167-mg-hartkapseln.jpg
[2013.01.09 09:05:17 | 002,345,984 | ---- | C] () -- C:\windows\System32\win32k.sys
[2013.01.08 10:04:25 | 001,754,323 | ---- | C] () -- C:\Users\DBK23\Documents\2012_07_Ueberweiser_ElacElysee_Selbstausdruck.pdf
[2012.12.21 15:00:32 | 000,295,424 | ---- | C] () -- C:\windows\System32\atmfd.dll
[2012.11.28 16:46:29 | 000,146,872 | ---- | C] () -- C:\windows\System32\drivers\HipShieldK.sys
[2012.11.15 11:35:49 | 000,014,848 | ---- | C] () -- C:\windows\System32\drivers\rdpvideominiport.sys
[2012.11.15 11:35:48 | 000,049,664 | ---- | C] () -- C:\windows\System32\drivers\TsUsbFlt.sys
[2012.11.15 11:35:48 | 000,027,136 | ---- | C] () -- C:\windows\System32\drivers\TsUsbGD.sys
[2012.11.15 11:35:47 | 000,221,184 | ---- | C] () -- C:\windows\System32\rdpudd.dll
[2012.11.15 11:28:28 | 000,526,952 | ---- | C] () -- C:\windows\System32\drivers\Wdf01000.sys
[2012.11.15 11:28:28 | 000,047,720 | ---- | C] () -- C:\windows\System32\drivers\WdfLdr.sys
[2012.11.15 11:27:56 | 000,155,136 | ---- | C] () -- C:\windows\System32\drivers\WUDFRd.sys
[2012.11.15 11:27:56 | 000,066,560 | ---- | C] () -- C:\windows\System32\drivers\WUDFPf.sys
[2012.11.15 08:51:02 | 001,293,680 | ---- | C] () -- C:\windows\System32\drivers\tcpip.sys
[2012.11.15 08:50:59 | 000,035,328 | ---- | C] () -- C:\windows\System32\drivers\tcpipreg.sys
[2012.11.15 08:50:39 | 000,136,560 | ---- | C] () -- C:\windows\System32\drivers\ksecpkg.sys
[2012.11.15 08:50:38 | 000,369,856 | ---- | C] () -- C:\windows\System32\drivers\cng.sys
[2012.10.10 08:09:37 | 001,211,760 | ---- | C] () -- C:\windows\System32\drivers\ntfs.sys
[2012.10.10 08:09:32 | 003,968,880 | ---- | C] () -- C:\windows\System32\ntkrnlpa.exe
[2012.09.28 10:32:56 | 000,044,544 | ---- | C] () -- C:\windows\System32\drivers\usbaapl.sys
[2012.09.13 14:07:51 | 000,712,048 | ---- | C] () -- C:\windows\System32\drivers\ndis.sys
[2012.09.13 14:07:50 | 000,033,280 | ---- | C] () -- C:\windows\System32\drivers\RNDISMP.sys
[2012.09.13 14:07:48 | 000,240,496 | ---- | C] () -- C:\windows\System32\drivers\netio.sys
[2012.09.13 14:07:48 | 000,187,760 | ---- | C] () -- C:\windows\System32\drivers\FWPKCLNT.SYS
[2012.09.11 09:32:13 | 000,082,960 | ---- | C] () -- C:\windows\System32\drivers\ncplelhp.sys
[2012.09.05 09:37:35 | 000,019,824 | ---- | C] () -- C:\windows\System32\drivers\fs_rec.sys
[2012.09.05 09:09:29 | 000,024,576 | ---- | C] () -- C:\windows\System32\drivers\tdtcp.sys
[2012.09.05 08:57:53 | 000,000,170 | ---- | C] () -- C:\windows\ODBCINST.INI
[2012.09.05 08:53:24 | 000,434,240 | ---- | C] () -- C:\windows\System32\LIBIPF32.DLL
[2012.09.05 08:53:24 | 000,032,256 | ---- | C] () -- C:\windows\System32\IPF32.DLL
[2012.09.05 08:44:21 | 000,000,111 | ---- | C] () -- C:\windows\VsaInstall.ini
[2012.07.12 12:40:50 | 000,067,440 | ---- | C] () -- C:\windows\System32\drivers\ksecdd.sys
[2012.07.10 09:34:13 | 000,120,320 | ---- | C] () -- C:\windows\System32\drivers\cmntnet.sys
[2012.07.10 09:34:13 | 000,112,640 | ---- | C] () -- C:\windows\System32\drivers\cm_net32.sys
[2012.07.10 09:34:13 | 000,103,424 | ---- | C] () -- C:\windows\System32\drivers\cmnsusbser.sys
[2012.07.05 13:11:24 | 000,183,808 | ---- | C] () -- C:\windows\System32\drivers\rdpwd.sys
[2012.06.26 19:02:56 | 000,145,112 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2012.05.15 10:19:20 | 000,000,112 | ---- | C] () -- C:\windows\ODBC.INI
[2012.05.15 09:53:55 | 000,056,176 | ---- | C] () -- C:\windows\System32\drivers\partmgr.sys
[2012.05.15 09:51:08 | 000,007,605 | ---- | C] () -- C:\Users\DBK23\AppData\Local\Resmon.ResmonCfg
[2012.01.17 10:13:01 | 000,282,792 | ---- | C] () -- C:\windows\System32\drivers\e1c6232.sys
[2011.12.21 13:11:35 | 000,414,824 | ---- | C] () -- C:\windows\System32\drivers\Rt86win7.sys
[2011.12.21 13:11:35 | 000,086,392 | ---- | C] () -- C:\windows\System32\drivers\snxppalx.sys
[2011.12.21 13:11:35 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2011.12.21 13:11:35 | 000,078,712 | ---- | C] () -- C:\windows\System32\drivers\snxpserx.sys
[2011.12.21 13:11:32 | 003,546,664 | ---- | C] () -- C:\windows\System32\drivers\RTKVHDA.sys
[2011.12.21 13:11:30 | 000,150,996 | ---- | C] () -- C:\windows\System32\drivers\RTAIODAT.DAT
[2011.12.21 13:11:23 | 000,120,320 | ---- | C] () -- C:\windows\System32\drivers\StnSport.sys
[2011.12.21 13:11:23 | 000,083,456 | ---- | C] () -- C:\windows\System32\drivers\StnPport.sys
[2011.12.21 13:11:23 | 000,022,774 | ---- | C] () -- C:\windows\System32\StnLang.ini
[2011.12.21 13:11:23 | 000,019,456 | ---- | C] () -- C:\windows\System32\StnCoInst.dll
[2011.12.21 13:11:22 | 000,103,512 | ---- | C] () -- C:\windows\System32\drivers\jraid.sys
[2011.12.21 13:11:21 | 000,265,384 | ---- | C] () -- C:\windows\System32\drivers\e1q6232.sys
[2011.12.21 13:11:17 | 000,963,116 | ---- | C] () -- C:\windows\System32\igkrng600.bin
[2011.12.21 13:11:15 | 000,217,536 | ---- | C] () -- C:\windows\System32\igfcg600m.bin
[2011.12.21 13:11:15 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
[2011.12.21 13:11:14 | 010,858,496 | ---- | C] () -- C:\windows\System32\drivers\igdkmd32.sys
[2011.12.21 13:11:14 | 000,056,832 | ---- | C] () -- C:\windows\System32\igdde32.dll
[2011.12.21 13:11:13 | 013,903,872 | ---- | C] () -- C:\windows\System32\ig4icd32.dll
[2011.12.21 13:11:11 | 000,462,104 | ---- | C] () -- C:\windows\System32\drivers\iaStor.sys
[2011.12.21 13:11:11 | 000,270,336 | ---- | C] () -- C:\windows\System32\drivers\IntcDAud.sys
[2011.12.21 13:11:11 | 000,073,096 | ---- | C] () -- C:\windows\System32\drivers\ftser2k.sys
[2011.12.21 13:11:11 | 000,060,552 | ---- | C] () -- C:\windows\System32\drivers\ftdibus.sys
[2011.12.21 13:11:11 | 000,041,088 | ---- | C] () -- C:\windows\System32\drivers\HECI.sys
[2011.12.21 13:11:10 | 000,315,880 | ---- | C] () -- C:\windows\System32\drivers\asmtxhci.sys
[2011.12.21 13:11:10 | 000,101,352 | ---- | C] () -- C:\windows\System32\drivers\asmthub3.sys
[2011.12.20 13:43:39 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2011.12.20 13:30:21 | 000,038,912 | ---- | C] () -- C:\windows\System32\csrsrv.dll
[2011.10.28 10:08:19 | 000,338,944 | ---- | C] () -- C:\windows\System32\drivers\afd.sys
[2011.10.28 10:08:16 | 000,311,808 | ---- | C] () -- C:\windows\System32\drivers\srv.sys
[2011.10.28 10:08:16 | 000,310,272 | ---- | C] () -- C:\windows\System32\drivers\srv2.sys
[2011.10.28 10:08:16 | 000,223,744 | ---- | C] () -- C:\windows\System32\drivers\mrxsmb10.sys
[2011.10.28 10:08:16 | 000,123,904 | ---- | C] () -- C:\windows\System32\drivers\mrxsmb.sys
[2011.10.28 10:08:16 | 000,114,688 | ---- | C] () -- C:\windows\System32\drivers\srvnet.sys
[2011.10.28 10:08:16 | 000,096,768 | ---- | C] () -- C:\windows\System32\drivers\mrxsmb20.sys
[2011.08.02 15:38:44 | 000,018,432 | ---- | C] () -- C:\windows\System32\drivers\netaapl.sys
[2011.06.03 12:26:43 | 000,027,008 | ---- | C] () -- C:\windows\System32\drivers\Diskdump.sys
[2011.06.03 12:02:18 | 007,435,264 | ---- | C] () -- C:\windows\System32\drivers\NETwNs32.sys
[2011.06.03 11:49:56 | 000,332,160 | ---- | C] () -- C:\windows\System32\drivers\iaStorV.sys
[2011.06.03 11:49:56 | 000,148,864 | ---- | C] () -- C:\windows\System32\drivers\storport.sys
[2011.06.03 11:49:56 | 000,143,744 | ---- | C] () -- C:\windows\System32\drivers\nvstor.sys
[2011.06.03 11:49:56 | 000,117,120 | ---- | C] () -- C:\windows\System32\drivers\nvraid.sys
[2011.06.03 11:49:56 | 000,080,256 | ---- | C] () -- C:\windows\System32\drivers\amdsata.sys
[2011.06.03 11:49:56 | 000,076,288 | ---- | C] () -- C:\windows\System32\drivers\USBSTOR.SYS
[2011.06.03 11:49:56 | 000,022,400 | ---- | C] () -- C:\windows\System32\drivers\amdxata.sys
[2011.06.03 11:49:55 | 000,284,672 | ---- | C] () -- C:\windows\System32\drivers\usbport.sys
[2011.06.03 11:49:55 | 000,258,560 | ---- | C] () -- C:\windows\System32\drivers\usbhub.sys
[2011.06.03 11:49:55 | 000,075,776 | ---- | C] () -- C:\windows\System32\drivers\usbccgp.sys
[2011.06.03 11:49:55 | 000,043,008 | ---- | C] () -- C:\windows\System32\drivers\usbehci.sys
[2011.06.03 11:49:55 | 000,024,064 | ---- | C] () -- C:\windows\System32\drivers\usbuhci.sys
[2011.06.03 11:49:55 | 000,020,480 | ---- | C] () -- C:\windows\System32\drivers\usbohci.sys
[2011.06.03 11:49:55 | 000,005,888 | ---- | C] () -- C:\windows\System32\drivers\usbd.sys
[2011.04.13 13:16:52 | 000,069,632 | ---- | C] () -- C:\windows\System32\drivers\bowser.sys
[2011.02.23 13:27:45 | 000,867,020 | ---- | C] () -- C:\windows\System32\igkrng575.bin
[2011.02.23 13:27:44 | 000,128,204 | ---- | C] () -- C:\windows\System32\igcompkrng575.bin
[2011.02.23 13:27:44 | 000,105,420 | ---- | C] () -- C:\windows\System32\igfcg575m.bin
[2011.02.23 11:09:58 | 000,021,318 | ---- | C] () -- C:\windows\Ascd_tmp.ini
[2011.02.23 11:09:19 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini
[2011.02.22 22:47:01 | 000,145,804 | ---- | C] () -- C:\windows\System32\igcompkrng600.bin
[2011.02.22 22:47:01 | 000,094,208 | ---- | C] () -- C:\windows\System32\IccLibDll.dll
[2011.02.22 17:45:21 | 000,219,008 | ---- | C] () -- C:\windows\System32\drivers\dxgmms1.sys
[2011.02.22 17:01:53 | 000,190,976 | ---- | C] () -- C:\windows\System32\drivers\ks.sys
[2011.02.22 17:01:53 | 000,115,712 | ---- | C] () -- C:\windows\System32\drivers\mrxdav.sys
[2011.02.22 17:01:53 | 000,078,208 | ---- | C] () -- C:\windows\System32\drivers\mountmgr.sys
[2011.02.22 17:01:53 | 000,048,640 | ---- | C] () -- C:\windows\System32\drivers\ndproxy.sys
[2011.02.22 17:01:53 | 000,028,032 | ---- | C] () -- C:\windows\System32\drivers\msahci.sys
[2011.02.22 17:01:53 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDPO.DLL
[2011.02.22 17:01:53 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDINBEN.DLL
[2011.02.22 17:01:53 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDUS.DLL
[2011.02.22 17:01:53 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDINTEL.DLL
[2011.02.22 17:01:53 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDBULG.DLL
[2011.02.22 17:01:52 | 000,274,304 | ---- | C] () -- C:\windows\System32\drivers\acpi.sys
[2011.02.22 17:01:52 | 000,194,432 | ---- | C] () -- C:\windows\System32\halmacpi.dll
[2011.02.22 17:01:52 | 000,194,432 | ---- | C] () -- C:\windows\System32\hal.dll
[2011.02.22 17:01:52 | 000,164,864 | ---- | C] () -- C:\windows\System32\drivers\1394ohci.sys
[2011.02.22 17:01:52 | 000,137,088 | ---- | C] () -- C:\windows\System32\halacpi.dll
[2011.02.22 17:01:52 | 000,132,992 | ---- | C] () -- C:\windows\System32\drivers\ataport.sys
[2011.02.22 17:01:52 | 000,065,536 | ---- | C] () -- C:\windows\System32\drivers\IPMIDrv.sys
[2011.02.22 17:01:52 | 000,062,464 | ---- | C] () -- C:\windows\System32\drivers\dmvsc.sys
[2011.02.22 17:01:51 | 000,173,440 | ---- | C] () -- C:\windows\System32\drivers\rdyboost.sys
[2011.02.22 17:01:51 | 000,121,856 | ---- | C] () -- C:\windows\System32\RDPENCDD.dll
[2011.02.22 17:01:51 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2011.02.22 17:01:51 | 000,063,488 | ---- | C] () -- C:\windows\System32\drivers\wanarp.sys
[2011.02.22 17:01:51 | 000,005,632 | ---- | C] () -- C:\windows\System32\drivers\vms3cap.sys
[2011.02.22 17:01:50 | 000,085,376 | ---- | C] () -- C:\windows\System32\drivers\sbp2port.sys
[2011.02.22 17:01:50 | 000,012,800 | ---- | C] () -- C:\windows\System32\drivers\sffp_sd.sys
[2011.02.22 17:01:48 | 000,520,064 | ---- | C] () -- C:\windows\System32\mcupdate_GenuineIntel.dll
[2011.02.22 17:01:48 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDTUQ.DLL
[2011.02.22 17:01:48 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDTUF.DLL
[2011.02.22 17:01:48 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDNEPR.DLL
[2011.02.22 17:01:48 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDBLR.DLL
[2011.02.22 17:01:48 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDBASH.DLL
[2011.02.22 17:01:47 | 000,118,784 | ---- | C] () -- C:\windows\System32\drivers\ndiswan.sys
[2011.02.22 17:01:44 | 000,245,632 | ---- | C] () -- C:\windows\System32\drivers\volsnap.sys
[2011.02.22 17:01:44 | 000,006,656 | ---- | C] () -- C:\windows\System32\drivers\RDPCDD.sys
[2011.02.22 17:01:43 | 000,026,624 | ---- | C] () -- C:\windows\System32\drivers\scfilter.sys
[2011.02.22 17:01:42 | 000,690,680 | ---- | C] () -- C:\windows\System32\ci.dll
[2011.02.22 17:01:42 | 000,242,688 | ---- | C] () -- C:\windows\System32\drivers\rdbss.sys
[2011.02.22 17:01:42 | 000,233,344 | ---- | C] () -- C:\windows\System32\drivers\msiscsi.sys
[2011.02.22 17:01:42 | 000,130,432 | ---- | C] () -- C:\windows\System32\drivers\mpio.sys
[2011.02.22 17:01:42 | 000,116,096 | ---- | C] () -- C:\windows\System32\drivers\msdsm.sys
[2011.02.22 17:01:42 | 000,107,520 | ---- | C] () -- C:\windows\System32\cdd.dll
[2011.02.22 17:01:42 | 000,046,080 | ---- | C] () -- C:\windows\System32\drivers\ndisuio.sys
[2011.02.22 17:01:42 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\kbdhid.sys
[2011.02.22 17:01:42 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDGR1.DLL
[2011.02.22 17:01:42 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDUGHR1.DLL
[2011.02.22 17:01:42 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDTAJIK.DLL
[2011.02.22 17:01:42 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDMON.DLL
[2011.02.22 17:01:42 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDMAORI.DLL
[2011.02.22 17:01:42 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDINORI.DLL
[2011.02.22 17:01:41 | 000,728,448 | ---- | C] () -- C:\windows\System32\drivers\dxgkrnl.sys
[2011.02.22 17:01:41 | 000,513,536 | ---- | C] () -- C:\windows\System32\drivers\http.sys
[2011.02.22 17:01:41 | 000,194,800 | ---- | C] () -- C:\windows\System32\drivers\fvevol.sys
[2011.02.22 17:01:41 | 000,078,336 | ---- | C] () -- C:\windows\System32\drivers\dfsc.sys
[2011.02.22 17:01:41 | 000,050,176 | ---- | C] () -- C:\windows\System32\drivers\appid.sys
[2011.02.22 17:01:41 | 000,039,936 | ---- | C] () -- C:\windows\System32\drivers\umbus.sys
[2011.02.22 17:01:41 | 000,031,232 | ---- | C] () -- C:\windows\System32\drivers\tssecsrv.sys
[2011.02.22 17:01:41 | 000,014,208 | ---- | C] () -- C:\windows\System32\drivers\hwpolicy.sys
[2011.02.22 17:01:40 | 000,074,752 | ---- | C] () -- C:\windows\System32\drivers\tdx.sys
[2011.02.22 17:01:39 | 000,021,504 | ---- | C] () -- C:\windows\System32\drivers\tdi.sys
[2011.02.22 17:01:38 | 000,040,704 | ---- | C] () -- C:\windows\System32\drivers\vmstorfl.sys
[2011.02.22 17:01:37 | 000,140,160 | ---- | C] () -- C:\windows\System32\drivers\scsiport.sys
[2011.02.22 17:01:37 | 000,028,032 | ---- | C] () -- C:\windows\System32\drivers\storvsc.sys
[2011.02.22 17:01:37 | 000,026,624 | ---- | C] () -- C:\windows\System32\RDPREFDD.dll
[2011.02.22 17:01:36 | 000,213,504 | ---- | C] () -- C:\windows\System32\rdpdd.dll
[2011.02.22 17:01:36 | 000,133,632 | ---- | C] () -- C:\windows\System32\drivers\rdpdr.sys
[2011.02.22 17:01:35 | 000,117,760 | ---- | C] () -- C:\windows\System32\drivers\rmcast.sys
[2011.02.22 17:01:34 | 000,187,904 | ---- | C] () -- C:\windows\System32\drivers\netbt.sys
[2011.02.22 17:01:34 | 000,175,360 | ---- | C] () -- C:\windows\System32\drivers\vmbus.sys
[2011.02.22 17:01:34 | 000,153,984 | ---- | C] () -- C:\windows\System32\drivers\pci.sys
[2011.02.22 17:01:34 | 000,017,920 | ---- | C] () -- C:\windows\System32\drivers\VMBusHID.sys
[2011.02.22 17:01:33 | 000,246,784 | ---- | C] () -- C:\windows\System32\drivers\udfs.sys
[2011.02.22 17:01:33 | 000,160,128 | ---- | C] () -- C:\windows\System32\drivers\vhdmp.sys
[2011.02.22 17:01:33 | 000,108,544 | ---- | C] () -- C:\windows\System32\drivers\tunnel.sys
[2011.02.22 17:01:33 | 000,053,120 | ---- | C] () -- C:\windows\System32\drivers\volmgr.sys
[2011.02.22 17:01:32 | 000,508,904 | ---- | C] () -- C:\windows\System32\winload.exe
[2011.02.22 17:01:31 | 000,053,120 | ---- | C] () -- C:\windows\System32\drivers\termdd.sys
[2011.02.22 17:01:31 | 000,035,968 | ---- | C] () -- C:\windows\System32\drivers\winusb.sys
[2011.02.22 17:01:31 | 000,024,064 | ---- | C] () -- C:\windows\System32\drivers\hidusb.sys
[2011.02.22 17:01:31 | 000,018,432 | ---- | C] () -- C:\windows\System32\drivers\tdpipe.sys
[2011.02.22 17:01:30 | 000,388,096 | ---- | C] () -- C:\windows\System32\drivers\csc.sys
[2011.02.22 17:01:30 | 000,108,544 | ---- | C] () -- C:\windows\System32\drivers\hdaudbus.sys
[2011.02.22 17:01:30 | 000,108,544 | ---- | C] () -- C:\windows\System32\drivers\cdrom.sys
[2011.02.22 17:01:30 | 000,055,808 | ---- | C] () -- C:\windows\System32\drivers\hidclass.sys
[2011.02.22 17:01:30 | 000,031,232 | ---- | C] () -- C:\windows\System32\drivers\CompositeBus.sys
[2011.02.22 17:01:30 | 000,010,240 | ---- | C] () -- C:\windows\System32\drivers\acpipmi.sys
[2011.02.22 17:01:30 | 000,007,168 | ---- | C] () -- C:\windows\System32\KBDSG.DLL
[2011.02.22 17:01:30 | 000,007,168 | ---- | C] () -- C:\windows\System32\kbdlk41a.dll
[2011.02.22 17:01:30 | 000,007,168 | ---- | C] () -- C:\windows\System32\KBDCZ1.DLL
[2011.02.22 17:01:30 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDSF.DLL
[2011.02.22 17:01:30 | 000,006,656 | ---- | C] () -- C:\windows\System32\KBDGKL.DLL
[2011.02.22 17:01:30 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDTURME.DLL
[2011.02.22 17:01:30 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDLT1.DLL
[2011.02.22 17:01:30 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDINTAM.DLL
[2011.02.22 17:01:30 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDINMAR.DLL
[2011.02.22 17:01:30 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDINKAN.DLL
[2011.02.22 17:01:30 | 000,006,144 | ---- | C] () -- C:\windows\System32\KBDINHIN.DLL
[2011.02.22 17:01:30 | 000,005,632 | ---- | C] () -- C:\windows\System32\KBDGEO.DLL
[2011.02.16 15:52:46 | 000,011,520 | ---- | C] () -- C:\windows\System32\drivers\wdcsam.sys
[2010.05.21 09:28:01 | 000,000,498 | RHS- | C] () -- C:\ProgramData\ntuser.pol
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 31.01.2013 20:08:18 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DBK23\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,42 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 73,52% Memory free
7,42 Gb Paging File | 6,47 Gb Available in Paging File | 87,20% Paging File free
Paging file location(s): c:\pagefile.sys 4095 4095 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,27 Gb Total Space | 380,40 Gb Free Space | 81,76% Space Free | Partition Type: NTFS
Computer Name: PRODBK23 | User Name: DBK23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [DosHere] -- C:\WINDOWS\System32\cmd.exe /k cd /d "%1" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{15CB706D-19E4-44B1-88F9-C691864C5E15}" = StarMoney 8.0 apoEdition
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5B12C1F2-A0BC-40E8-97F8-A4854C5F494E}" = StarMoney
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69261DCF-9029-40F4-A42C-EC83BB7788F2}_is1" = Able2Extract 7.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7895E7FF-C210-4C01-88EB-8B902140B22D}" = StarMoney
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D6B3114F-945B-4980-BF7A-AF12E9161A0F}" = iCloud
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"DB2Uninst" = DB2
"DFÜ-Speed" = DFÜ-Speed
"EBay Datev Schnittstelle_is1" = EBay Datev Schnittstelle Version 1.06.4
"FileZilla Client" = FileZilla Client 3.5.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MSC" = McAfee Internet Security Suite
"NCP RWS/GA" = NCP Secure Entry Client
"NetMos Technology" = NetMos Multi-IO Controller
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PicPick" = PicPick
"Ravensburger tiptoi" = Ravensburger tiptoi
"TomTom HOME" = TomTom HOME 2.8.4.2596
"Trojancheck_is1" = Trojancheck 6
"TVWiz" = Intel(R) TV Wizard
"Ultravnc2_is1" = UltraVNC 1.0.8.2
"WinLiveSuite_Wave3" = Windows Live Essentials
"XSManager" = XSManager
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1119278486-3806077164-1662528105-1059\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTrader 5.4.0_b7" = ActiveTrader 5.4.0_b7
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.12.2012 03:47:24 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xb90 Startzeit der fehlerhaften Anwendung: 0x01cdd9ceef8a0c44 Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
7f71e4e2-45c2-11e2-a4b9-4c8093563d98
Error - 14.12.2012 05:44:33 | Computer Name = PRODBK23 | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16457 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1fe0 Startzeit: 01cdd9da3e5e73a7 Endzeit: 40 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID:
Error - 15.12.2012 04:59:24 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xb48 Startzeit der fehlerhaften Anwendung: 0x01cddaa214bb6ae1 Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
b8d59630-4695-11e2-bbaa-4c8093563d98
Error - 15.12.2012 05:27:37 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xc68 Startzeit der fehlerhaften Anwendung: 0x01cddaa659fa82e9 Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
a9a3d8d0-4699-11e2-bc2e-4c8093563d98
Error - 16.12.2012 06:10:36 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xf14 Startzeit der fehlerhaften Anwendung: 0x01cddb74d9cad0f9 Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
d51eeefa-4768-11e2-bd8d-4c8093563d98
Error - 16.12.2012 15:39:18 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xc30 Startzeit der fehlerhaften Anwendung: 0x01cddbc502e36155 Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
474c9ef2-47b8-11e2-bdde-4c8093563d98
Error - 17.12.2012 03:21:41 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xc38 Startzeit der fehlerhaften Anwendung: 0x01cddc27177448a0 Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
66dbce7f-481a-11e2-be52-4c8093563d98
Error - 17.12.2012 04:21:42 | Computer Name = PRODBK23 | Source = Application Hang | ID = 1002
Description = Programm EBay2Datev.exe, Version 1.6.4.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1308 Startzeit:
01cddc2f17ecc542 Endzeit: 23 Anwendungspfad: C:\Program Files\EBay2Datev\EBay2Datev.exe
Berichts-ID:
c6796008-4822-11e2-be52-4c8093563d98
Error - 17.12.2012 09:58:13 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xb44 Startzeit der fehlerhaften Anwendung: 0x01cddc5e4796d602 Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
cbaa4f44-4851-11e2-884f-4c8093563d98
Error - 18.12.2012 04:48:43 | Computer Name = PRODBK23 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ApplePhotoStreams.exe, Version: 7.5.43.3,
Zeitstempel: 0x502db3a4 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014500 ID des fehlerhaften
Prozesses: 0xc68 Startzeit der fehlerhaften Anwendung: 0x01cddcfc6d818f7e Pfad der
fehlerhaften Anwendung: C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Pfad
des fehlerhaften Moduls: C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
b992d791-48ef-11e2-99f0-4c8093563d98
[ System Events ]
Error - 31.01.2013 15:06:59 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 31.01.2013 15:07:03 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 31.01.2013 15:07:03 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147024891
Error - 31.01.2013 15:07:03 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "McAfee Validation Trust Protection Service" ist vom Dienst
"McAfee Inc. mfehidk" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%31
Error - 31.01.2013 15:07:12 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "McAfee McShield" ist vom Dienst "McAfee Validation Trust
Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error - 31.01.2013 15:07:12 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "McAfee Firewall Core Service" ist vom Dienst "McAfee Validation
Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%1068
Error - 31.01.2013 15:07:12 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom mfehidk mfewfpk
Error - 31.01.2013 15:07:37 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147024891
Error - 31.01.2013 15:07:37 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891
Error - 31.01.2013 15:09:14 | Computer Name = PRODBK23 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Software Protection" wurde mit folgendem Fehler beendet:
%%5
< End of report >
--- --- --- |
AdwCleaner auf deinen Desktop.